How to Deploy Containers Directly to AWS ECS using Docker

AWS Jul 09, 2020

Docker has been busy at work, extending the Docker compose functionality. What's new this week is the ability to deploy docker containers directly to Amazon AWS ECS using the standard Docker commands.

A flurry of development has occurred since the release of the compose specification. Microsoft Azure integrated compose with their Azure Container Instances (ACI) and now Amazon with AWS ECS.

The new compose specification allows developers to develop locally and then switch context to AWS and deploy the same application directly to AWS ECS using all your existing local development tools and workflows.

The integration between Docker and Amazon AWS ECS allows developers to use the Docker CLI to:

  • Set up a new Docker context https://docs.docker.com/engine/context/working-with-contexts/ enabling the connection between Docker and ECS. The new AWS context is setup using one Docker command. Docker Context allows you to switch from a local context to a cloud context and run applications quickly and easily.
  • Simplify multi-container application development and deployment on Amazon AWS ECS using the Compose specification.

Prerequisites

Before getting started, we need to ensure a couple of things are in place.

  1. Ensure you have the latest Docker edge release containing the ECS functionality
  2. Ensure you have an AWS account
  3. Install the AWS CLI tool - https://aws.amazon.com/cli/
  4. Create IAM Access keys for your user - https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html
  5. Create an ECS cluster. I would recommend using ECS Fargate. Fargate allows you to deploy containers to the ECS cluster without worrying about managing managers/workers. **Be sure to save the name of the ECS cluster for later**  - https://docs.aws.amazon.com/AmazonECS/latest/userguide/create_cluster.html

Setup ECS in Docker

Once we complete the prerequisites, we can continue with the setup of Docker with ECS. Docker has a built-in setup tool, surprisingly called `docker ecs setup` How easy is that?

  1. Open a Terminal window (Powershell or Linux shell)
  2. Type docker ecs setup
  3. Answer the questions prompted on the screen
  • Enter context name: Choose a unique identifying name for the AWS ECS context
  • Enter cluster name: Step 4 of the prerequisite you should insert the name of the cluster you created here
  • Enter region: This is the region where you ECS cluster is deployed
  • Enter Credentials: Step 3 of the prerequisites insert your access keys here
  1. Switch the new AWS context. Run: docker context use <name you provided from step 4 of the setup>  If you don't remember you can run docker context ls to view your available contexts.
Setting up Docker ECS


Deploying our first app

I've created a demo repo using my favorite cat Gif generator Python application.

Deploy our image to AWS Elastic Container Registry (ECR)

  1. Clone the repo - https://github.com/vegasbrianc/docker-ecs-demo
  2. Create an AWS ECR Repo format `repo-name/application-name`
  3. Once you created the Repo you will find a new button called push commands. These commands will walk you through building the image, tagging, and pushing to ECR
ECR push commands

4. Copy the image URI. Should look something like 123456.dkr.ecr.eu-central-1.amazonaws.com/brian-test/docker-ecs-demo

Copy the URI of the newly created repo

Once the image is available in ECR, we can deploy our application.

First, edit the docker-compose.yml file

  1. Navigate to the project directory /docker-ecs-demo
  2. Open the docker-compose.yml
  3. Add your image URI to the image line in the docker-compose.yml file

Should look like

version: '3.4'

services:
  pythonproject:
    image: 123456.dkr.ecr.eu-central-1.amazonaws.com/brian-test/docker-ecs-demo
    build:
      context: .
      dockerfile: Dockerfile
    ports:
      - 80:5000
Insert the Image URI into the image block as seen above

Next, we can deploy the Cat GIF application.

  1. Deploy the application docker ecs compose -n CatApp up we added -n to provide a unique name to our stack
  2. This command will then run for a couple of minutes as AWS will create the ECS service & task, Security Groups, Logging, Loadbalancers, Roles, networks, and more.
  3. Once the command has completed, you can then visit the deployment by opening the AWS Console ECS -> Clusters -> click the name of your ECS Cluster. Here you will find the deployment of our Cat application
  4. View our application in a browser. In the AWS console navigate to EC2 -> Load Balancers
  5. Copy the DNS Name of the load balancer into your browser and add port :5000 at the end of the DNS name

Here's the Cat Application running in the 56K.Cloud account. Every time you refresh the webpage, you find a new Cat GIF. Endless entertainment and the true use of the internet, cat GIFs.

Live Demo - http://pythondemoloadbalancer-8271419734bafe24.elb.eu-central-1.amazonaws.com:5000/

Private Docker Repos

Docker ECS integration automatically configures authorization so you can pull private images from Amazon ECR registry on the same AWS account. If you want to use another registry, including Docker Hub, you’ll have to create a Username + Password (or Username + Token) secret on Amazon SMS service.

The Docker ECS integration also offers the possibility to use secrets. The docker ecs secret command allows you to manage secrets created on AWS SMS without having to install the AWS CLI.

docker ecs secret create dockerhubAccessToken --username <dockerhubuser>  --password <dockerhubtoken>

arn:aws:secretsmanager:eu-west-3:12345:secret:DockerHubAccessToken

Once created, you can use this ARN in your Compose file using using x-aws-pull_credentials custom extension aside the Docker image URI for your service

version: 3.8
services:
  worker:
  image: mycompany/privateimage
  x-aws-pull_credentials: "arn:aws:secretsmanager:eu-west-3:12345:secret:DockerHubAccessToken"

If you set Compose file version 3.8 or later, you can use the same Compose file for local deployment using docker-compose. Custom extension will be ignored.

What's next for Docker ECS?

Since Docker ECS is freshly available on the Edge channel we recommend testing and providing feedback. If you find any issues please report them directly on the Docker ECS repo.

More information


Find out more about 56K.Cloud

We love Cloud, IoT, Containers, DevOps, and Infrastructure as Code. If you are interested in chatting connect with us on Twitter or drop us an email: info@56K.Cloud. We hope you found this article helpful. If there is anything you would like to contribute or you have questions, please let us know!

Brian Christner

Brian Christner hails from Arizona but now resides in the Alps of Switzerland. Brian is a nominated member of the Docker Captain’s program and specializes in converting coffee into containers.